Q. How do I open port 80 (Apache Web Server) under Red Hat / CentOS / Fedora Linux?
A. The default configuration file for iptables based firewall under RHEL / CentOS / Fedora Linux is /etc/sysconfig/iptables. Open this file using a text editor such as vi:
Linux Open Port 80 (http)
# vi /etc/sysconfig/iptables
Append rule as follows:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Save and close the file. Restart iptables:
# /etc/init.d/iptables restart
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins

- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -



{ 7 comments… read them below or add one }
I tried this and restarted the ipchains with service iptables restart
but it will still not work.
any ideas?
Thanks for this. Being used to debian/ubuntu I’d forgotten where to go when setting up a CentOS box.
@gabriel – you might want to try moving the rule further up in the file. I put it as the last rule but that didn’t work. Moving it further up (in particular before “-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited”) seemed to do the trick.
This almost worked for me. Using -A was a problem however, because the rule needed to be insterted at the top because of other rules I had in place. If the above doesn’t work for you, use the following at the command line:
iptables -I RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
Firstly Many thank you to you all…
Awesome…and Great community on earth and heartily thank you again for all your time and expertise.
I have used below and it works…
iptables -I RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
Thank you for this one, I really needrf this for my Apache config :)
This is great and worked perfectly! Thank you for posting this. I was wondering if you know the way to do the same thing from the command line (without vi) so that it can be scripted. I found on some other blog
but when I tried that it didn’t work and when I checked /etc/sysconfig/iptables there’s no rule for port 80 like I expected.
I have used the following to open port 80 via iptables:
iptables -A INPUT -p tcp -m state –state NEW,ESTABLISHED -j ACCEPT –dport 80